|
2631
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
drm/amdgpu: Corregir el manejo de errores en el reinicio de ranura
Si el dispositivo no se ha recuperado después de que se llama…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2026-23358
|
2026-04-25 04:03 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2632
|
4.7 |
MEDIUM
Local
|
uutils
|
coreutils
|
The cp utility in uutils coreutils is vulnerable to an information disclosure race condition. Destination files are initially created with umask-derived permissions (e.g., 0644) before being restrict…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-35357
|
2026-04-25 04:02 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2633
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix stack-out-of-bounds write in devmap
get_upper_ifindexes() iterates over all upper devices and writes their
indices into …
|
CWE-787
Out-of-bounds Write
|
CVE-2026-23359
|
2026-04-25 04:02 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2634
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
bpf: Corrección de escritura fuera de límites de la pila en devmap
get_upper_ifindexes() itera sobre todos los dispositivos supe…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-23359
|
2026-04-25 04:02 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2635
|
4.7 |
MEDIUM
Local
|
uutils
|
coreutils
|
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in the cp utility of uutils coreutils allows an attacker to bypass no-dereference intent. The utility checks if a source path is a symbolic link …
|
CWE-59
CWE-367
Link Following
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-35359
|
2026-04-25 04:02 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2636
|
6.3 |
MEDIUM
Local
|
uutils
|
coreutils
|
The touch utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition during file creation. When the utility identifies a missing path, it later attempts creat…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-35360
|
2026-04-25 04:02 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2637
|
5.6 |
MEDIUM
Local
|
uutils
|
coreutils
|
A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect the current directory. While the utility correctly refuses to delete . or .., it fa…
|
CWE-22
Path Traversal
|
CVE-2026-35363
|
2026-04-25 04:02 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2638
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nvme: fix admin queue leak on controller reset
When nvme_alloc_admin_tag_set() is called during a controller reset,
a previous ad…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-23360
|
2026-04-25 03:59 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2639
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
nvme: corrige la fuga de la cola de administración al reiniciar el controlador
Cuando se llama a nvme_alloc_admin_tag_set() dura…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-23360
|
2026-04-25 03:59 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2640
|
4.3 |
MEDIUM
Adjacent
|
openbsd
|
openbsd
|
In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option (over a local network) with length zero, because of an "nd_o…
|
CWE-1284
CWE-835
Improper Validation of Specified Quantity in Input
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-41285
|
2026-04-25 03:59 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
